PT-2026-23458 · Unknown · Rustdesk Client
Erez Kalman · Published 2026-03-05 · Updated 2026-03-05 · CVE-2026-30793
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
RustDesk Client versions through 1.4.5
Description
A Cross-Site Request Forgery (CSRF) issue exists in RustDesk Client on Windows, macOS, Linux, iOS, and Android. This flaw potentially allows for privilege escalation. The issue is related to the Flutter URI scheme handler and FFI bridge modules, specifically the files flutter/lib/common.dart and src/flutter_ffi.rs, and the routines URI handler for rustdesk://password() and bind.MainSetPermanentPassword().
Recommendations
Update RustDesk Client to a version later than 1.4.5.
Exploit
Fix
LPE
Improper Authorization
CSRF
Affected Products
Rustdesk Client